-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1,SHA512
Thu, Jan 27 2011 22:08:31 -0800
Given the issues with SHA1, I've generated a new OpenPGP key, and will be
transitioning away from my old one.
The old key will continue to be valid for some time, but I prefer that all
future correspondence to come to the new one. I would also like this new
key to be re-integrated into the web of trust. This message is signed by
both keys in order to certify the old transition.
The old key was:
pub 1024D/641E358B 2001-04-12
Key fingerprint = 42F5 91FD E577 F545 FB40 8F6B 7241 856B 641E 358B
And the new key is:
pub 4096R/16A0DE01 2011-01-28
Key fingerprint = 19BB CAEF 7B19 B280 A0E2 175E 62D4 8FAD 16A0 DE01
To fetch the full key, you can get it with:
curl http://ben.reser.org/benreser.asc | gpg --import -
Or, to fetch my new key from a public key server, you can simply do:
gpg --keyserver hkp://keys.gnupg.net --recv-key 16A0DE01
If you already know my old key, you can now verify that the new key is
signed by the old one:
gpg --check-sigs 16A0DE01
If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:
gpg --fingerprint 16A0DE01
If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:
gpg --sign-key 16A0DE01
Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):
gpg --armor --export 16A0DE01 | mail -s 'OpenPGP Signatures' ben@reser.org
Or you can just upload the signatures to a public keyserver directly:
gpg --keyserver hkp://keys.gnupg.net --send-key 16A0DE01
Please let me know if there is any trouble, and sorry for the
inconvenience.
Regards,
Ben Reser
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAk1CZS4ACgkQckGFa2QeNYuf4gCdFC4SfT6QYan9PBA3MTG7C+k8
sVgAnj/xZTPx5Y1F7fyHm/10PVaXQ6yWiQIcBAEBCgAGBQJNQmUuAAoJEGLUj60W
oN4BUeIP/R76+FvsR8EFuVuxBokCBqqHOnN9sVeyBU5SixOw/mTMkBjbx/5S6glW
GMIkY1yW3Iak2jsyFjEUUyS6xCu4kHoepy9O53FtiPQDgYwqbRn6x7hXiGeeEyde
vKxLQ3p/zokvnjJ4jR24BWmWH0SZJ4DRjFS45IaOP60vc4e9HMphruy6czlgb1wy
ui2S3zZeQ/zT5hPjSUHpzmLk5SpQmuN9JP/O4Zodusm2lESn4gChb0Ap3HcjIDUs
DntmFrM3slFWvSYKoPZL3xBd2h4BBwELN7i25h34Q/wWhvc4WkfJO4n8ftSEycFT
gsIS/fOTLbjCnbIOsC+/nI9OQcjY4URntA7+taTVHA5urw8Ia2vv00qMw2OYtNUL
cztNCXgUstlPq/dQJwela6Ark1StmMKzeSjUIAgIxXqd5Eh2kL8d9B8gW+4/hT4j
0AuM+v0a0PMXP7hWAsPuuPmqx8TPtBb/3UxBQsnFcSkE/zDiI2G/O3C2J6O3PINT
4bD2FtgZT5uY9E6BFHP1x89A4CCDXm2zmW7PHuJFS13bAsiCRTi5ttcGTSj2C0Fl
OtiDaNxHJuxvoYzSSNqXbi5KYIkFMaZxcs85poy/b/ND203oF2YL6fQaHAREDu2d
YPyd0kqocVgIiZolodyHaPHJKaDaSLIKI+sWBPQgyiZ7TusMgWTU
=i8DN
-----END PGP SIGNATURE-----